CVE-2025-58855
BaseFortify
Publication date: 2025-09-05
Last updated on: 2026-04-23
Assigner: Patchstack
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| denis_v | ap_honeypot_wordpress_plugin | 1.4 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-1236 | The product saves user-provided information into a Comma-Separated Value (CSV) file, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as a command when the file is opened by a spreadsheet product. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-58855 is a Cross Site Request Forgery (CSRF) vulnerability in the AP HoneyPot WordPress Plugin (versions up to 1.4). It allows an attacker to trick authenticated users with higher privileges into executing unwanted actions on the site without their consent. This can compromise site security by exploiting broken access control mechanisms. [1]
How can this vulnerability impact me? :
This vulnerability can lead to unauthorized actions being performed on your WordPress site by attackers exploiting authenticated users. It may result in compromised site security, including potential data manipulation or unauthorized changes. Since the plugin is abandoned and unpatched, the risk remains unless mitigated by virtual patching or removing the plugin. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection of this vulnerability involves monitoring for suspicious Cross Site Request Forgery (CSRF) attempts targeting the AP HoneyPot WordPress Plugin up to version 1.4. Since the plugin is vulnerable to CSRF and reflected XSS, you should look for unusual HTTP requests that attempt to exploit these issues, especially those that trick authenticated users into executing unwanted actions. Additionally, server-side malware scanning is recommended as plugin-based scanners may be unreliable. Specific commands are not provided in the resources, but using web server logs analysis tools (e.g., grep for suspicious POST requests) and malware scanning tools on the server is advised. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include removing and replacing the AP HoneyPot WordPress Plugin with a maintained alternative, as no official fix or updated version is available. Applying a virtual patch (vPatch) from Patchstack is recommended to provide automatic protection against exploitation without requiring an official patch. Additionally, if compromise is suspected, seek professional incident response and perform server-side malware scanning to ensure system integrity. [1]